Fix CVE-2014-3618.

https://bugzilla.redhat.com/show_bug.cgi?id=1121299

While here:
Convert to user-destdir by using pkgsrc setuid framework.
Add comments to some patches.

Bump PKGREVISION.

7 files changed, 47 insertions, 20 deletions

diff --git a/mail/procmail/Makefile b/mail/procmail/Makefile
index d31183d9822..708c6e43e28 100644
--- a/mail/procmail/Makefile
+++ b/mail/procmail/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.47 2012/03/12 13:22:16 fhajny Exp $
-#
+# $NetBSD: Makefile,v 1.48 2014/09/04 07:37:44 wiz Exp $
 
 DISTNAME=	procmail-3.22
-PKGREVISION=	3
+PKGREVISION=	4
 CATEGORIES=	mail
 MASTER_SITES=	ftp://ftp.procmail.org/pub/procmail/
 
@@ -11,8 +10,6 @@ HOMEPAGE=	http://www.procmail.org/
 COMMENT=	Local mail delivery agent
 LICENSE=	artistic OR gnu-gpl-v2
 
-PKG_DESTDIR_SUPPORT=	destdir
-
 PKG_INSTALLATION_TYPES=	overwrite pkgviews
 
 MAKE_JOBS_SAFE=	no
@@ -21,6 +18,8 @@ MAKE_ENV+=	SHELL=${SH:Q} CHMOD=${CHMOD:Q}
 INSTALL_TARGET=	install-suid install.man
 UNLIMIT_RESOURCES=	datasize
 
+SPECIAL_PERMS+=	bin/procmail ${SETUID_ROOT_PERMS}
+
 .include "../../mk/bsd.prefs.mk"
 
 BUILD_DEFS+=	PROCMAIL_MAILSPOOLHOME PROCMAIL_TRUSTED_IDS
@@ -61,7 +60,6 @@ do-install:
 	for f in procmailex.5 procmailrc.5 procmailsc.5; do		\
 		${INSTALL_MAN} $$f ${DESTDIR}${PREFIX}/${PKGMANDIR}/man5/$$f; \
 	done
-	DESTDIR=${DESTDIR:Q} ${SH} ${WRKSRC}/suid.sh
 .endif
 
 .include "../../mk/bsd.pkg.mk"
diff --git a/mail/procmail/distinfo b/mail/procmail/distinfo
index a226656b42a..5c860a713c7 100644
--- a/mail/procmail/distinfo
+++ b/mail/procmail/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.14 2012/03/12 13:22:17 fhajny Exp $
+$NetBSD: distinfo,v 1.15 2014/09/04 07:37:44 wiz Exp $
 
 SHA1 (procmail-3.22.tar.gz) = cd4e44c15559816453fd60349e5a32289f6f2965
 RMD160 (procmail-3.22.tar.gz) = e609ec94ea9ab3b93629c62b3e29add497806483
@@ -9,8 +9,8 @@ SHA1 (patch-ac) = fe2350e704546c2262d546bb615175dd0591ba8b
 SHA1 (patch-ad) = b35d6d508a15b8e70734ac7ccd58c19db31717ab
 SHA1 (patch-ae) = b5ac027b337c8d9cf9c6096a48ef534315e18250
 SHA1 (patch-af) = 889f937f50561308c644d5a4bd836eccabbb2938
-SHA1 (patch-ag) = 66ae907f1b7ccfa10b5278443a9d9b0277923e61
-SHA1 (patch-ba) = dfe9a74ed4fece98850780bebedd162fd0e5b275
-SHA1 (patch-bb) = 0ba6c7a62ea49e8afc2e443fa84b4de692897af4
-SHA1 (patch-bc) = 3f37d5d4ba427407230aae58e4a08a7c87ccad4e
-SHA1 (patch-bd) = 7fe12e0b626c9c7a045cb4a6ccbed20614d5c8d6
+SHA1 (patch-ag) = 8f2ae1f2e7bdc3c2295148c33183176423802fee
+SHA1 (patch-ba) = 2ebbd43d2773b147ee6410e37ab3696aeda3c07c
+SHA1 (patch-bb) = 5b273bd60d24168794189bb844e39e94bd688ea8
+SHA1 (patch-bc) = 7344d3c2fce1bcd3276d8e5014bf9537c6dece5c
+SHA1 (patch-bd) = fb6f2fb4b5fe1ea01682a319b6655b023e5c5fd0
diff --git a/mail/procmail/patches/patch-ag b/mail/procmail/patches/patch-ag
index acb4f66d180..a4d18be5aeb 100644
--- a/mail/procmail/patches/patch-ag
+++ b/mail/procmail/patches/patch-ag
@@ -1,4 +1,6 @@
-$NetBSD: patch-ag,v 1.1 2006/01/08 13:43:26 joerg Exp $
+$NetBSD: patch-ag,v 1.2 2014/09/04 07:37:44 wiz Exp $
+
+Remove unportable errno redefinition.
 
 --- src/includes.h.orig	2006-01-08 13:33:18.000000000 +0000
 +++ src/includes.h
diff --git a/mail/procmail/patches/patch-ba b/mail/procmail/patches/patch-ba
index 75e62bf2957..2f3170c323d 100644
--- a/mail/procmail/patches/patch-ba
+++ b/mail/procmail/patches/patch-ba
@@ -1,4 +1,6 @@
-$NetBSD: patch-ba,v 1.2 2012/03/12 13:22:17 fhajny Exp $
+$NetBSD: patch-ba,v 1.3 2014/09/04 07:37:44 wiz Exp $
+
+Avoid conflict with existing getline() functions.
 
 --- src/formail.c.orig	2009-07-17 23:04:16.000000000 -0400
 +++ src/formail.c	2009-07-17 23:04:16.000000000 -0400
diff --git a/mail/procmail/patches/patch-bb b/mail/procmail/patches/patch-bb
index ecd7a0e1caa..67036c5ff0e 100644
--- a/mail/procmail/patches/patch-bb
+++ b/mail/procmail/patches/patch-bb
@@ -1,4 +1,6 @@
-$NetBSD: patch-bb,v 1.2 2012/03/12 13:22:17 fhajny Exp $
+$NetBSD: patch-bb,v 1.3 2014/09/04 07:37:44 wiz Exp $
+
+Avoid conflict with existing getline() functions.
 
 --- src/fields.c.orig	2009-07-17 23:04:16.000000000 -0400
 +++ src/fields.c	2009-07-17 23:04:16.000000000 -0400
diff --git a/mail/procmail/patches/patch-bc b/mail/procmail/patches/patch-bc
index 656ddfd69b5..28d0d9a4d8d 100644
--- a/mail/procmail/patches/patch-bc
+++ b/mail/procmail/patches/patch-bc
@@ -1,4 +1,6 @@
-$NetBSD: patch-bc,v 1.2 2012/03/12 13:22:17 fhajny Exp $
+$NetBSD: patch-bc,v 1.3 2014/09/04 07:37:44 wiz Exp $
+
+Avoid conflict with existing getline() functions.
 
 --- src/formisc.h.orig	2009-07-17 23:04:16.000000000 -0400
 +++ src/formisc.h	2009-07-17 23:04:16.000000000 -0400
diff --git a/mail/procmail/patches/patch-bd b/mail/procmail/patches/patch-bd
index b2f1a1f2d56..7ebb3f13a0e 100644
--- a/mail/procmail/patches/patch-bd
+++ b/mail/procmail/patches/patch-bd
@@ -1,8 +1,29 @@
-$NetBSD: patch-bd,v 1.2 2012/03/12 13:22:17 fhajny Exp $
+$NetBSD: patch-bd,v 1.3 2014/09/04 07:37:44 wiz Exp $
 
---- src/formisc.c.orig	2009-07-17 23:04:16.000000000 -0400
-+++ src/formisc.c	2009-07-17 23:04:16.000000000 -0400
-@@ -115,7 +115,7 @@
+First chunk:
+https://bugzilla.redhat.com/show_bug.cgi?id=1121299
+CVE-2014-3618
+
+Second chunk:
+Avoid conflict with existing getline() functions.
+
+--- src/formisc.c.orig	2001-06-29 02:20:45.000000000 +0000
++++ src/formisc.c
+@@ -84,12 +84,11 @@ normal:	   *target++= *start++;
+ 	case '"':*target++=delim='"';start++;
+       }
+      ;{ int i;
+-	do
++	while(*start)
+ 	   if((i= *target++= *start++)==delim)	 /* corresponding delimiter? */
+ 	      break;
+ 	   else if(i=='\\'&&*start)		    /* skip quoted character */
+ 	      *target++= *start++;
+-	while(*start);						/* anything? */
+       }
+      hitspc=2;
+    }
+@@ -115,7 +114,7 @@ void loadchar(c)const int c;		      /* a
    buf[buffilled++]=c;
  }